Subject: Re: binary for NetBSD Security Advisory 2003-009: sendmail
To: None <>
From: Christian Limpach <>
List: tech-security
Date: 04/08/2003 22:25:32
Quoting "Greg A. Woods" <>:

> This process is onerous enough that I only build patches for stuff that
> might actually pose a real risk to my clients.
> I'm hoping that with future releases I might be able to leaverage a bit
> off the new meta-log mechanisms in "install"....

The following works for me, as long as you don't mind including all the files 
``make install'' installs.  Run it from the dir which is mentioned in the 

DESTDIR is some temporary dir
TOPDIR is where is
NBMAKE is the make wrapper script[1] from the tools dir
NBPAX is nbpax from the tools dir
DISTFILE is the created .tar.gz package

mkdir $DESTDIR
(cd $TOPDIR && $NBMAKE do-distrib-dirs DESTDIR=$DESTDIR)

$NBMAKE cleandir dependall

# remove what we don't need in package
(cd $DESTDIR && find . -type d -depth -print0 | xargs -0 rmdir 2>/dev/null)
rm $DESTDIR/sys

( echo "/set uname=root gname=wheel"
  find . -type d -exec echo \{} type=dir optional \;
) | $NBPAX -v -wz -M -N $TOPDIR/etc -f $DISTFILE

Maybe we could have a top-level target which does the right thing for:
make binary-patch-kit DESTDIR=somedir DISTFILE=somefile \
    SUBDIRS="some/sub/dir other/sub/dir"

Christian Limpach <>

[1] setup to do unprived builds, might not work otherwise.